http://www.theinquirer.net/?article=16461 By Nick Farrell 09 June 2004 SEVERAL COPIES of a two-stage Trojan virus, which uses an exploit to download and execute an encoded visual basic script from a website, have been seen in the wild. According to security firm MessageLabs it has intercepted several copies of a new Trojan this week although there are no other indications that it will be a major problem. No-one has come up with a name for it yet, although judging by the way it works, perhaps illiterate might be a good title. It appears in an email with a header which seems to have been penned by someone to whom English is a foreign language. It creates an executable file which appears to download a malicious program from the same website as the original script. Early indications suggest that this is similar to previous attacks where Trojans have been used to install key loggers and password stealers. For the record, don't open any emails with the following headers: Subject: about the thing we talked last week.. Hello , This is the letter I told ill wrote for ya.. Here is it.. like you asked for me 2 days ago Hey whatsup remember me? please , asnwer me.. you dont answer for me like 5 weeks allready. Re: Hello the email from 2 days ago.. here is my replay.. whats wrong with you ? why you dont answer to my emails? why you dont answer to my emails.., whats wrong ? _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Wed Jun 09 2004 - 04:31:43 PDT